Ubuntu
ubuntu-advantage-tools package

segfault in apt-esm-hook

Bug #1929123 reported by Eric Desrochers
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
ubuntu-advantage-tools (Ubuntu)
Fix Released
Undecided
Chad Smith
Bionic
Fix Released
Undecided
Unassigned
Focal
Fix Released
Undecided
Unassigned
Groovy
Fix Released
Undecided
Unassigned
Hirsute
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

This bug results in segfault messages interspersed within apt command output. The segfaults do not prevent apt from doing its job, but they do add noise and look concerning. Further, the user will not get the messages that uatools needs to inject into apt output. This can include important information, such as a warning that your esm contract is about to expire.

We fix this bug by adding a null-check on the Origin field of packages in the uatools apt-esm-hook. This prevents the segfault when the user has apt repos that leave the Origin field blank.

[Test Plan]

Reproduce the bug on a container by adding an apt repo that doesn't have an "Origin" specified. When running apt update or apt upgrade you will see "Segmentation fault (core dumped)" in the output. For example:

```
lxc launch ubuntu-daily:bionic test-apt-hook-segfault
lxc exec test-apt-hook-segfault -- bash
# inside the container now
wget -qO - https://packages.irods.org/irods-signing-key.asc | sudo apt-key add -
echo "deb [arch=amd64] https://packages.irods.org/apt/ xenial main" | sudo tee /etc/apt/sources.list.d/renci-irods.list
apt update
apt install irods-dev=4.2.2
apt update
```

At the end of the output of the last apt update command, you will see the segfault.

To see the fix in action, install the new ua version from our staging PPA. Continuing on the same container:
```
add-apt-repository ppa:ua-client/staging
apt install ubuntu-advantage-tools
apt update
```
There should be no segfaults anymore.

[Where problems could occur]

We're using a function called DeNull, defined in an apt header file. If a different version of apt comes out where the DeNull function is removed, or if its behavior changes, it could cause a FTBFS or for this bug to be reintroduced.

[Other Info]

We believe this is the same bug that caused uatools to be retracted from focal by the phased updates system. See that error here: https://errors.ubuntu.com/problem/4166288511f42a64aee694b80c7d9d3103bb8581

If we are correct, this bugfix will eliminate those recurring errors on focal as well.

[Original Description]

This bug has been brought to my attention by a UA Canonical customer.

In this current situation, there is no attached UA subscription.
They can repeatly reproduce the error on a newly installed Bionic system

Support (STS/SEG) can't reproduce it so far. Still under testing and investigation.

# dpkg

ii ubuntu-advantage-tools 27.0.2~18.04.1 amd64 management tools for Ubuntu Advantage
ii apt 1.6.13 amd64 commandline package manager
ii python3 3.6.7-1~18.04 amd64 interactive high-level object-oriented language (default python3 version)

# cat path_to_sosreport/sos_command/ubuntu/ua_status
SERVICE AVAILABLE DESCRIPTION
esm-infra yes UA Infra: Extended Security Maintenance (ESM)
fips yes NIST-certified FIPS modules
fips-updates yes Uncertified security updates to FIPS modules
livepatch yes Canonical Livepatch service

This machine is not attached to a UA subscription.

# systemd service
-* ua-messaging.service - Ubuntu Advantage APT and MOTD Messages
Loaded: loaded (/lib/systemd/system/ua-messaging.service; static; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2021-05-20 09:25:13 BST; 57min ago
Process: 54277 ExecStart=/usr/bin/python3 /usr/lib/ubuntu-advantage/ua_update_messaging.py (code=exited, status=1/FAILURE)
Main PID: 54277 (code=exited, status=1/FAILURE)

May 20 09:25:13 python3[54277]: File "/usr/lib/ubuntu-advantage/ua_update_messaging.py", line 297, in update_apt_and_motd_messages
May 20 09:25:13 python3[54277]: util.subp(["/usr/lib/ubuntu-advantage/apt-esm-hook", Unit ypbind.service could not be found.
"process-templates"])
May 20 09:25:13 python3[54277]: File "/usr/lib/python3/dist-packages/uaclient/util.py", line 608, in subp
May 20 09:25:13 python3[54277]: out, err = _subp(args, rcs, capture, timeout, env=env)
May 20 09:25:13 python3[54277]: File "/usr/lib/python3/dist-packages/uaclient/util.py", line 565, in _subp
May 20 09:25:13 python3[54277]: stderr=err.decode("utf-8"),
May 20 09:25:13 python3[54277]: uaclient.util.ProcessExecutionError: Failed running command '/usr/lib/ubuntu-advantage/apt-esm-hook process-templates' [exit(-11)]. Message:
May 20 09:25:13 systemd[1]: ua-messaging.service: Main process exited, code=exited, status=1/FAILURE
May 20 09:25:13 systemd[1]: ua-messaging.service: Failed with result 'exit-code'.
May 20 09:25:13 systemd[1]: Failed to start Ubuntu Advantage APT and MOTD Messages.

# logs
2021-05-20 09:25:11,842 - ua_update_messaging.py:(278) [DEBUG]: Updating UA messages for APT and MOTD.
2021-05-20 09:25:11,842 - util.py:(414) [DEBUG]: Reading file: /etc/os-release
2021-05-20 09:25:11,848 - util.py:(414) [DEBUG]: Reading file: /var/lib/ubuntu-advantage/private/machine-token.json
2021-05-20 09:25:11,848 - config.py:(357) [DEBUG]: File does not exist: /var/lib/ubuntu-advantage/private/machine-token.json
2021-05-20 09:25:11,848 - util.py:(414) [DEBUG]: Reading file: /var/lib/ubuntu-advantage/private/machine-token.json
2021-05-20 09:25:11,848 - config.py:(357) [DEBUG]: File does not exist: /var/lib/ubuntu-advantage/private/machine-token.json
2021-05-20 09:25:11,848 - util.py:(414) [DEBUG]: Reading file: /var/lib/ubuntu-advantage/private/machine-token.json
2021-05-20 09:25:11,848 - config.py:(357) [DEBUG]: File does not exist: /var/lib/ubuntu-advantage/private/machine-token.json

syslog:May 20 09:25:25 kernel: [58330.647499] apt-esm-hook[54507]: segfault at 0 ip 00007f0045dc5426 sp 00007ffd10d0e738 error 4 in libc-2.27.so[7f0045d14000+1e7000]
syslog:May 20 09:25:27 kernel: [58332.528175] apt-esm-hook[54512]: segfault at 0 ip 00007f9921565426 sp 00007ffdae974668 error 4 in libc-2.27.so[7f99214b4000+1e

See original description
Tags: seg sts
Eric Desrochers (slashd)
tags: added: seg sts
description: updated
Revision history for this message
Eric Desrochers (slashd) wrote :

According to build log, apt-esm-hook seems to be in fact apt-hook/hook.cc at src package level:

install -D -m 755 hook /<<PKGBUILDDIR>>/debian/ubuntu-advantage-tools/usr/lib/ubuntu-advantage/apt-esm-hook

Revision history for this message
Chad Smith (chad.smith) wrote :

As Grant(https://code.launchpad.net/~orndorffgrant) mentioned in internal channels.

This likely could be related to the same Focal and later errors we are now seeing https://errors.ubuntu.com/problem/4166288511f42a64aee694b80c7d9d3103bb8581

We think the issue might be due to the apt origin of some configured repository not being present yet, or somehow properly configured.

To confirm, can we get the customer to provide us with:
  1. A gdb backtrace from running:
/usr/lib/ubuntu-advantage/apt-esm-hook process-templates

  2. Please also attach `apt-cache policy` output

  3. Maybe it's worth running this attached binary (test-apt-esm-hook) which has the following patch applied to our apt-esm-hook
Upstream source here: https://github.com/canonical/ubuntu-advantage-client/blob/main/apt-hook/hook.cc#L154

diff --git a/apt-hook/hook.cc b/apt-hook/hook.cc
index aed341d5..80b60c5d 100644
--- a/apt-hook/hook.cc
+++ b/apt-hook/hook.cc
@@ -151,7 +151,7 @@ static void check_esm_upgrade(pkgCache::PkgIterator pkg, pkgPolicy *policy, resu
    {
       for (pkgCache::VerFileIterator pf = ver.FileList(); !pf.end(); pf++)
       {
- if (pf.File().Archive() != 0 && pf.File().Origin() == std::string("UbuntuESM"))
+ if (pf.File().Archive() != 0 && DeNull(pf.File().Origin()) == std::string("UbuntuESM"))
          {
             if (std::find(res.esm_i_packages.begin(), res.esm_i_packages.end(), pkg.Name()) == res.esm_i_packages.end()) {
                 res.esm_i_packages.push_back(pkg.Name());
@@ -167,7 +167,7 @@ static void check_esm_upgrade(pkgCache::PkgIterator pkg, pkgPolicy *policy, resu
                 }
             }
          }
- if (pf.File().Archive() != 0 && pf.File().Origin() == std::string("UbuntuESMApps"))
+ if (pf.File().Archive() != 0 && DeNull(pf.File().Origin()) == std::string("UbuntuESMApps"))
          {
             if (std::find(res.esm_a_packages.begin(), res.esm_a_packages.end(), pkg.Name()) == res.esm_a_packages.end()) {
                 res.esm_a_packages.push_back(pkg.Name());

Revision history for this message
Chad Smith (chad.smith) wrote :

Put the related PR up as we explore this issue:
https://github.com/canonical/ubuntu-advantage-client/pull/1646

Revision history for this message
Chad Smith (chad.smith) wrote :

0051a8c41c4f19e5a569a88d8f9a9087 test-apt-esm-hook
Bionic build of apt-esm-hook with changeset from PR https://github.com/canonical/ubuntu-advantage-client/pull/1646

Please run on the affected system with `/test-apt-esm-hook process-templates` to confirm whether traceback is avoided.

Changed in ubuntu-advantage-tools (Ubuntu):
status: New → Incomplete
Revision history for this message
Chad Smith (chad.smith) wrote :

Please mark this bug back to "New" when we have further actionable comments or information that needs re-review. Again thanks for the bug and details.

Revision history for this message
Eric Desrochers (slashd) wrote :

Thanks Chad, will do.

Revision history for this message
Eric Desrochers (slashd) wrote :

Update from UA customer:

"
thanks for the updates.
I confirm that "test-apt-esm-hook" runs successfully with no segfault. Looks like you found it!
"

Changed in ubuntu-advantage-tools (Ubuntu):
status: Incomplete → New
Revision history for this message
Chad Smith (chad.smith) wrote :

Thank you for the confirmation of the fix!

We have landed an upstream commit in the project here
https://github.com/canonical/ubuntu-advantage-client/commit/264cb50838dd2abd1fe5418218283c1781f20f3b
as part of the pull request:
 - https://github.com/canonical/ubuntu-advantage-client/pull/1646

Our plan is to upload this fix to the Ubuntu development release (impish) as version 27.1 early next week.

Expect to see an upload of 27.1 to ppa:ua-client/staging when we begin testing that release.
We will perform a StableReleaseUpdate version 27.1 into Xenial, Bionic, Focal, Groovy and Hirsute once the upload Impish is accepted expect this within the next ~10 days in Bionic if all goes well.

Changed in ubuntu-advantage-tools (Ubuntu):
assignee: nobody → Chad Smith (chad.smith)
status: New → Fix Committed
Changed in ubuntu-advantage-tools (Ubuntu Bionic):
status: New → In Progress
Changed in ubuntu-advantage-tools (Ubuntu Focal):
status: New → In Progress
Changed in ubuntu-advantage-tools (Ubuntu Groovy):
status: New → In Progress
Changed in ubuntu-advantage-tools (Ubuntu Hirsute):
status: New → In Progress
Revision history for this message
Chad Smith (chad.smith) wrote :

Staging PPA for reference: https://launchpad.net/~ua-client/+archive/ubuntu/staging. We upload there first for testing before publishing bits.

Revision history for this message
Eric Desrochers (slashd) wrote :

As an FYI.

https://wiki.debian.org/DebianRepository/Format#Origin

"
Origin
Optional field indicating the origin of the repository, a single line of free form text.
"

Grant Orndorff (orndorffgrant)
description: updated
Grant Orndorff (orndorffgrant)
description: updated
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-advantage-tools - 27.1~21.10.1

---------------
ubuntu-advantage-tools (27.1~21.10.1) impish; urgency=medium

  * d/control:
    - specify debianutils min version
  * d/changelog:
    - fix lintian typos amend and redact incorrect 27.0 entry (GH: #1624)
  * lintian:
    - override ubuntu-advantage-pro wanted-by-target cloud-init
    - override xenial specific errors
    - rename package-specific overrides for pro vs tools
  * New upstream release 27.1:
    - apt-hook:
      + avoid segfault when comparing null Apt file origin to esm
        (LP: #1929123)
      + avoid wrapping static message formats at 80 chars
      + update go build flags based on lintian warnings (GH: #1626)
      + only add newlines for MOTD if message file length is non-zero
    - attach: do not print contract name if empty
    - autocomplete: Do not show beta services in autocomplete (GH: #1594)
    - cis:
      + make service non-beta
      + post enable message pointing to docs
      + update cis help url
    - docs: update releases.md per SRU review feedback on branch structuring
    - enable: correct messaging for beta service (GH: #1588)
    - errors: print a more helpful message when ssl fails (GH: #1618)
    - fips:
      + Block enabling fips if fips-updates once enabled (GH: #1600)
      + Update output of fips commands (GH: #1631)
    - livepatch: alert when snapd does not have wait cmd (LP: #1927329)
    - logging: remove tracebacks for UserFacingErrors (GH: #1586)
    - messaging:
      + Infra and Apps messaging is mutually exclusive (GH: #1573)
      + point to u.com/16-04 instead of u.com/advantage on ESM (GH: #1584)
      + separate _remove_msg_template. emit no warranty on infra disabled
    - pro: obtain AWS IMDSv2 API token before trying to grab pkcs7 doc
      (GH: #1608)
    - status: do not show info if not on contract (GH: #1592)
    - tests:
      + drop trusty specific tests
      + fix mock for handle_message_operations
      + fix motd message for bionic (GH: #1615)
      + integration tests for hirsute and groovy
      + manual test for trusty upgrade to xenial
      + reboot after dist-upgrade for upgrade test
      + test enabling CIS on focal (GH: #1582)
      + update messages in integration tests (GH: #1635)
      + use proposed pocket on xenial upgrade test
    - jenkins:
      + add pytest runs for xenial and bionic
      + run focal lxd integration tests

 -- Grant Orndorff <email address hidden> Mon, 24 May 2021 14:50:47 -0400

Changed in ubuntu-advantage-tools (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-advantage-tools - 27.1~21.04.1

---------------
ubuntu-advantage-tools (27.1~21.04.1) hirsute; urgency=medium

  * Backport new upstream release: (LP: #1929597) to hirsute

 -- Lucas Moura <email address hidden> Thu, 27 May 2021 16:12:08 -0300

Changed in ubuntu-advantage-tools (Ubuntu Hirsute):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-advantage-tools - 27.1~20.10.1

---------------
ubuntu-advantage-tools (27.1~20.10.1) groovy; urgency=medium

  * Backport new upstream release: (LP: #1929597) to groovy

 -- Lucas Moura <email address hidden> Thu, 27 May 2021 16:05:18 -0300

Changed in ubuntu-advantage-tools (Ubuntu Groovy):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-advantage-tools - 27.1~20.04.1

---------------
ubuntu-advantage-tools (27.1~20.04.1) focal; urgency=medium

  * Backport new upstream release: (LP: #1929597) to focal

 -- Lucas Moura <email address hidden> Thu, 27 May 2021 15:58:37 -0300

Changed in ubuntu-advantage-tools (Ubuntu Focal):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-advantage-tools - 27.1~18.04.1

---------------
ubuntu-advantage-tools (27.1~18.04.1) bionic; urgency=medium

  * Backport new upstream release: (LP: #1929597) to bionic

 -- Lucas Moura <email address hidden> Thu, 27 May 2021 15:50:28 -0300

Changed in ubuntu-advantage-tools (Ubuntu Bionic):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.